Applied Cybersecurity

In today’s world, organizations must be prepared to defend against threats in cyberspace. Decision makers must be familiar with the basic principles and best practices of cybersecurity to best protect their enterprises. In this course, experts from academia, the military, and industry share their knowledge to give participants the principles, the state of the practice, and strategies for the future.

Sessions will address information security, ethical and legal practices, and mitigating cyber vulnerabilities. Participants will also learn about the process of incident response and analysis. The content is targeted at ensuring the privacy, reliability, and integrity of information systems.

The majority of the course (about 75%) is geared toward participants at the decision-making level who need a broad overview, rather than those who are already deeply immersed in the technical aspects of cybersecurity (software development, digital forensics, etc.), although both groups will find the course valuable.

Cybersecurity is a very large subject, and therefore this course is only intended to cover the basics of the current leading and pressing cybersecurity topics. The result is that we can cover many different approaches. We cover the introduction of a topic and after the fundamentals, you can explore further on your own. The goal is for participants to understand the utility of each topic, not to become specialists in any one subject.

Lead Instructor(s):

John R. Williams

Abel Sanchez

Dates:

Jun 25, 2018 - Jun 29, 2018

Course Length:

5 Days

Course Fee:

$4,950

CEUs:

3.3

Status:

Open

It is highly recommended that you apply for a course at least 6-8 weeks before the start date to guarantee there will be space available. After that date you may be placed on a waitlist. Courses with low enrollment may be cancelled up to 4 weeks before start date if sufficient enrollments are not met. If you are able to access the online application form, then registration for that particular course is still open.

Who Should Attend:

Seventy-five percent of the course is geared toward providing a basic framework for professionals making cybersecurity decisions in industry and government and individuals seeking to immerse themselves in the pressing issues of cybersecurity, giving them the information they need to make the best decisions for the defense of their organizations. About a quarter of the course covers more technical areas of interest to people with more engineering-focused backgrounds, such as software developers or those working in digital forensics. Although those with a computing background would be better prepared for the more technical topics, an engineering or computing background is not required to benefit from any of the sessions.

Computer Requirements:

Laptops (2009 or newer) with a modern operating system for which you have administrator privileges are required. Tablets will not be sufficient for the computing activities in this course.

Program Outline:

Please note that the exact nature and order of the topics is subject to change.

Introduction to Information Security Fundamentals and Best Practices

Protecting Your Computer and its Contents

Securing Computer Networks--Basics of Networking

Compromised Computers

Secure Communications and Information Security Best Practices

Privacy Guidelines

Safe Internet Usage

Ethics in Cybersecurity & Cyber Law

Privacy

Intellectual Property

Professional Ethics

Freedom of Speech

Fair User and Ethical Hacking

Trademarks

Internet Fraud

Electronic Evidence

Cybercrimes

Forensics

Forensic Technologies

Digital Evidence Collection

Evidentiary Reporting

Network Assurance

Layered Defense

Surveillance and Reconnaissance

Outsider Thread Protection

Secure Software & Browser Security

Software Construction

Software Design and Architecture

Software Testing

Methodologies

The New Universal Client

The Web Model

Cookies and Browser Storage

HTML5 Security

Business Information Continuity

Managing a Business Information Continuity Plan

Vulnerabilities and Controls

The Law and Business Information Continuity Plan

Information Risk Management

Asset Evaluation and Business Impact Analysis

Risk Identification

Risk Quantification

Risk Response Development and Control

Security Policy, Compliance, and Business Continuity

Cyber Incident Analysis and Response

Incident Preparation

Incident Detection and Analysis

Containment, Eradication, and Recovery

Proactive and Post-Incident Cyber Services

As part of this course, participants will undertake a group project. Examples of projects from 2016 can be found at http://cybersecurity.mit.edu/.

Instructors:

Professor Williams holds a BA in physics from Oxford University, an M.Sc. in physics from UCLA, and a Ph.D. from Swansea University. His area of specialty is large scale computer analysis applied to both physical systems and to information.

Professor Williams is internationally recognized in the field of computational algorithms for large-scale particle simulators and has authored two books and over 100 publications. For the past eight years, his research has focused on architecting of large scale distributed simulation systems. He teaches graduate courses on Modern Software Development and on Web System Architecting.

Presently Professor Williams is Director of MIT's Auto-ID Laboratory and has strong involvement in the MIT Geonumerics group.

Dr. Abel Sanchez holds a Ph.D. from the Massachusetts Institute of Technology (MIT). His areas of expertise include the Internet of Things (IOT), radio frequencyidentification (RFID), simulation, engineering complex software systems, and cyber-physical security. He teaches graduate courses in Information engineering, cybersecurity, and software architecture. For the past six years, his research has focused on architecting large scale distributed simulation systems.

Ted Wagner is the Chief Information Security Officer for SAP National Security Services (SAP NS2). SAP is the world’s leading provider of business software solutions, and National Security Services provides industry focused services for the US DOD, Intelligence Community, and Civil n Departments/Agencies.

Ted joined SAP National Security Services in March, 2015. He is responsible for the security and compl nce of the corporate network, sharing best practice with customers and supporting NS2’s FedRAMP Cloud init tive. He was previously the CISO for TASC. He supported the Army’s CERT for 9 years as a project manager for Northrop Grumman. He was responsible for the Incident Response, Forensic and Malware Analysis support provided to Army Cyber Command and 1st IO Command.

Ted has led cyber teams employing tactical to strategic capabilities. Experience includes completing the certification and accreditation process for Agency level programs. He developed curriculum for the Computer Network Operations planner course and established a team validation process for deploying cyber teams. Presented at national and international conferences. Ted serves in the U.S. Army Reserves. He holds the rank of Colonel and is currently the Deputy Chief of Staff, G6, 80th Training Command (TASS). He is an adjunct professor at University of Maryland University College teaching Cyber Policy. He is a guest lecturer at MIT and serves as an Advisory Board Member to the Geospat l Data Center. He is published in the book, Cyber Infrastructure Protection, Strategic Studies Institute.

Professional Experience

CISO, SAP National Security Solutions

CISO, TASC

Northrop Grumman, Project Manager

Booz Allen Hamilton, Associate

Education

Bachelor of Economics from the Virginia Military Institute

Masters of Economics Virginia Polytechnic Institute and State University.

Links & Resources:

Location:

This course takes place on the MIT campus in Cambridge, Massachusetts. We can also offer this course for groups of employees at your location. Please complete the Custom Programs request form for further details.